SlowMist: Beware of a malicious npm package named "@openclaw-ai/openclawai"

CoinFeed reported on March 10 that SlowMist issued a warning about a malicious npm package called "@openclaw-ai/openclawai". This package masquerades as a legitimate command-line tool called OpenClaw Installe, deploying a multi-layered attack chain to steal system credentials, encrypted wallet private keys, browser data, SSH keys, Apple Keychain databases, and other information.